Major Transformations

Transformation Description
Virtualize Turn a function into a specialized interpreter.
Jit Turn a function into one that generates its code at runtime.
JitDynamic Turn a function into one that continously transforms itself at runtime.
 

Supporting Transformations

Transformation Description
Flatten Remove control flow from a function.
Merge Merge two functions into one.
Split Split a function into smaller parts.
RndArgs Reorder function arguments and/or add bogus arguments
AddOpaque Split up control flow by adding opaque branches.
EncodeLiterals Replace literals (integers and strings) by less obvious expressions.
EncodeData Replace integer variables with different representations.
EncodeArithmetic Replace integer arithmetic with more complex expressions.
 

Library Transformations

Transformation Description
InitOpaque, UpdateOpaque Create types and variables necessary to introduce opaque predicates and expressions, and add updates to upaque variables to make them harder to analyze.
InitEntropy, UpdateEntropy Create variables necessary to collect randomness, and insert instructions to collect randomness from input-dependent variables.
InitImplicitFlow Initialize signal handlers needed for the anti taint analysis transformation.
 

Anti-Analysis Transformations

Transformation Description
AntiBranchAnalysis, InitBranchFuns Make it harder for automatic analysis tools (such as disassemblers) to determine the target of branches.
EncodeExternal, InitEncodeExternal Hide API calls.
AntiAliasAnalysis Disrupt static analysis tools that make use of inter-procedural alias analysis.
AntiTaintAnalysis Disrupt dynamic analysis tools that make use of taint analysis.
 

Other Transformations

Transformation Description
Ident The identity transformation; it does nothing.
CleanUp Last transformation to run, to clean up the generated code.
Info Print internal information.
Measure Measure the time to run a function.
Copy Make a copy of a function.
RandomFuns Generate random functions to be used as targets in cracking exercises.
Leak Simulate a misbehaving obfuscator that leaks a secret from the program.